cvedb.io
CVE-2015-5271
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2016-04-15T17:59:00.193 · Last modified 2026-06-17T00:28:47.700

Summary

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.

Affected products

redhat — openstack

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.